News from DEF CON 23: fake deaths, DHS and Tesla court hackers
DEF CON wraps up its 23rd year in Las Vegas today, and the first wave of news reports show the notorious hacker conference's non-technical and sensational talks grabbing the first round of headlines.
As closing ceremonies wrap up, media reports about DEF CON 23 make their way online. While we'll see more analysis in the coming week, the first wave of news gives a taste of what happened at the biggest DEF CON yet.
Preliminary estimates have attendance around 20,000 at the conference's new, expanded digs across both Paris and Bally's hotels on the Las Vegas strip. The conference packed attendees, talks, contests, expo and hacking areas into many sprawling (huge!) ballrooms in both hotels and on multiple floors. There was so much going on, it was very difficult (if not impossible) to see everything.
The first reports, below, show just how diverse the event's range has become.
Hardware hacking village at DEFCON 23 ... what are these folks cooking up? :-> pic.twitter.com/xnXGQjSXZj
-- Terry Bradley (@PLEX_Terry) August 8, 2015
The man making puzzles for hackers: If you want to know how to keep 16,000 geeks entertained, ask the Lost Boy aka Ryan Clarke. He's the cryptographer and puzzle master at Def Con, the huge annual international conference for hackers, taking place again in Las Vegas. The fact that Def Con has a puzzle master at all is just one of the many reasons this conference is unlike any other.
There will never be enough said about the awesomness & genius of @1o57 in creating the @_defcon_ badges. #defcon pic.twitter.com/mekleUGN0i
-- Khalil (pilgrim) (@sehnaoui) August 6, 2015
bitchin' @_defcon_ elevator stickers at Bally's pic.twitter.com/paTZuzBNNc
-- Joseph Lorenzo Hall (@JoeBeOne) August 6, 2015
Hackers learn to digitally kill, manipulate death records at Australian's Def Con presentation: A rush to make registering deaths digital has made it simple for maliciously-minded hackers to have someone who is alive declared dead by authorities, an Australian computer security expert says. Getting birth certificates for virtual babies was demonstrated to be even easier than killing off people in the digital world, because registering births online only involves doctors and parents. See also: Def Con: How to virtually kill someone or cash in on fake babies
@_defcon_ ... and it begins.. i smell an imsi catcher... #ballys pic.twitter.com/pisvZGYQ1E
-- Mike (@ustayready) August 6, 2015
DEF CON 23: DHS deputy secretary's suggestions for building trust between hackers, gov't: During a Friday session at DEF CON 23 in Las Vegas, Department of Homeland Security (DHS) Deputy Secretary Alejandro Mayorkas discussed information sharing and building trust, and briefly noted that putting backdoors in encryption is a bad idea, which made the audience erupt into applause. At DEF CON, Mayorkas did not linger on the information sharing initiative discussed at Black Hat. Instead, he made suggestions for building that trust. "Let us prove to you what our capabilities are, and let us prove to you what the integrity of our actions and our intentions are," he said. Mayorkas offered two suggestions. (...)
@WilliamShatner @_defcon_ pic for you pic.twitter.com/PR3bWwd3Hv
-- LosT/李智上 (@1o57) August 7, 2015
How Hackers Could Get Out of House Arrest: A hacker has found a way to hack a device used to track people under house arrest, potentially allowing whoever is wearing the tracking anklet to get away-without the police finding out. While he was only able to study one particular model, researcher William Turner warned that it's likely others have the same weaknesses, and that manufacturers should start paying more attention.
@r00tzasylum @_defcon_ electronic dice made fromscratch,now my kid wants his own soldering kit,let the hacking begin! pic.twitter.com/OjWuB8tDEx
-- Luis Vidal (@luisvidalgt) August 9, 2015
Heists go Hollywood with DefCon hacks: Hollywood-style heists took on real-world potential as hackers at a Def Con gathering showed how to crack safes in full view of security cameras without ever being seen. Independent computer researchers Eric Van Albert and Zach Banks found a way to pull off the movie-script ploy of intercepting surveillance camera streams and then looping back video of nothing amiss while, ostensibly, safes or vaults are being emptied.
MT @cylab: 22 minutes left @_defcon_ Capture the Flag, hosted by @LegitBS_CTF! Rankings are hidden. #defconctf pic.twitter.com/8MYecWW2Sr
-- INI Carnegie Mellon (@inicmu) August 9, 2015
Hacking A Phone's GPS May Have Just Got Easier: Qihoo security researcher Lin Huang led the team that created a cheaper solution to spoofing a GPS signal over the course of a few months. Huang is the first woman from China to present at the Defcon security conference on Friday. Now a team of researchers at Chinese Internet security firm Qihoo 360 claim they've found a way to make a GPS emulator that can falsify the GPS location of smartphones and in-car navigation systems, more cheaply. (Qihoo's researchers famously hacked a Tesla Model S last year, taking control of the car's lock, horn and flashing lights.)
"Make the intern fly it through security" #defcon pic.twitter.com/Zap9znGmJY
-- Parker Higgins (@xor) August 9, 2015
Tesla courts hackers to defend high-tech cars: Hackers swarmed a Tesla sedan in a 'hacking village' at the infamous Def Con conference on Saturday as the high-tech electric car maker recruited talent to protect against cyber attacks. "Hackers are a crowd that is really important to us," Tesla's Khobi Brooklyn told AFP while Def Con attendees took turns inside a black Model S sedan parked inside a casino convention area. Tesla has worked with Lookout Mobile Security to find and patch software vulnerabilities in sedans, according to Brooklyn. See also: Tesla hackers explain how they did it at DEF CON 23
SCADA hacking at #defcon ICS hacking village pic.twitter.com/UTA6l6GVjj
-- Chris Wysopal (@WeldPond) August 7, 2015